On Mon, Nov 21, 2016 at 3:11 PM Fredrik Wendt <[email protected]> wrote:
> Thanks Andrew! > I only have one concern really, and that is: > * how to configure the gocd server so that agents know the canonical > URL/endpoints > * do you point the agents to 8154 port? > It is the agents that need to know the endpoint of your server (including port 8154). The server url you refer to, is primarily used to generate some urls in emails that get sent out. Before 16.7 users were expected to provide an ip/hostname in GO_SERVER (which was expected to only contain a hostname), the initial handshake was over HTTP after which the agent knew what SSL port to connect to — $ curl --silent http://your-go-server:8153/go/admin/agent --head | grep Port Cruise-Server-Ssl-Port: 8154 This mechanism was inherently insecure and prone to MITM attacks, so it was decided to implement end-to-end-transport-security <https://docs.go.cd/current/installation/ssl_tls/end_to_end_transport_security.html>. You're now expected to set a GO_SERVER_URL (instead of a GO_SERVER) in order to configure the agent. The agent still supports GO_SERVER for backward compatibility, but that support will be removed soon. -- You received this message because you are subscribed to the Google Groups "go-cd" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
